DEV Community

Wakeup Flower
Wakeup Flower

Posted on

Direct Connect Gateway (DXGW) + transitive routing

#aws

1 — The problem

A company has:

  • Multiple on-premises data centers, each with a Direct Connect (DX) link.
  • Multiple VPCs across different AWS Regions.

They want:

  • Interconnection between all VPCs and the on-premises networks.
  • Low operational overhead (avoid manually building lots of VPNs or VPC peering).

2 — The traditional challenge

  • A Direct Connect (without DXGW) is tied to a single Region.

  • If you want to connect to multiple VPCs across Regions:

    • You’d need multiple DX connections or
    • Build a mesh of VPC peering / Transit Gateway + VPNs → complex, costly, hard to manage.

3 — Enter Direct Connect Gateway (DXGW)

  • A global AWS resource (not Regional).

  • Acts like a hub between:

    • Your on-premises networks (via DX links) and
    • Multiple VPCs across Regions (via VGWs).

  • You can connect one DXGW to:

    • Multiple DX links (from different on-premises sites).
    • Multiple VPCs in different Regions.

4 — Why this enables “transitive routing”

Normally:

  • A DX link connects on-prem → one Region → one VPC.
  • No transitive routing (you can’t go from on-prem → VPC-A → VPC-B).

With DXGW:

  • DXGW is the central router.

  • Traffic can flow:

    • On-premises A → DXGW → VPC in Region 1.
    • On-premises B → DXGW → VPC in Region 2.
    • VPC in Region 1 → DXGW → VPC in Region 2.

No need to manually set up peering or custom appliances.

5 — ASCII diagram 

            +-------------------+
            |   Direct Connect   |
            |     Gateway (DXGW) |
            +---------+----------+
                      |
   ----------------------------------------------
   |                        |                   |
+------+               +---------+         +---------+
| DX A |               |   VGW   |         |   VGW   |
| OnPrem1 ------------>| VPC-A   |         | VPC-B   |
+------+               +---------+         +---------+
                      (Region 1)           (Region 2)

+------+               
| DX B |               
| OnPrem2 ------------> (via same DXGW) 
+------+
Enter fullscreen mode Exit fullscreen mode

👉 All traffic flows through DXGW, acting like the “hub.”

6 — Why this is the best solution

  • Simplicity: One DXGW = hub for all Regions and VPCs.
  • Global: Works across most AWS Regions (except China).
  • Transitive routing: DXGW handles routing between on-prem and VPCs (and across Regions).
  • Scalable: Add more VPCs or DX links without redesigning the architecture.

Key takeaway:
A Direct Connect Gateway centralizes DX connections and VGWs, making it possible to interconnect multiple on-premises sites and multi-Region VPCs without building complex peering meshes or VPN topologies.

Top comments (0)